The invention relates to systems and methods for authenticating users of computer systems, and in particular to systems and methods for encryption using asymmetric software key(s).
Authentication applications typically rely on one or more encryption algorithms. In symmetric-key encryption algorithms, the sender and receiver share a common, secret key which is used for both encryption and decryption. Such algorithms generally require that the symmetric key be shared in a secure way, for example through a secure communication channel, between the sender and receiver before any encrypted content is transmitted.
Public-key (asymmetric) algorithms such as the RSA (Rivest, Shamir, Adleman) algorithm employ a key pair including two related but distinct keys: a public key, which may be known to potential attackers, and a private key, which is kept secret by its owner. In the RSA encryption scheme, the public key includes a modulus N and a public exponent e, while the private key includes the modulus N and a private exponent d. The modulus N is the product of two large prime numbers, p and q. The public exponent e is relatively prime to the product $(p-1)(q-1)$. The private exponent is $d = e^{-1} \bmod ((p-1)(q-1))$. Someone in possession of the public key encrypts a readable (e.g. plaintext) message m to generate a ciphertext message c using the encryption operator $c = m^e \bmod N$. The plaintext message m can be recovered by the owner of the corresponding private key using the decryption operator $m = c^d \bmod N$. The security of the scheme relies on the computational asymmetry of multiplication and factorization: it is relatively easy to compute the product of two large primes, $N = pq$, but significantly more expensive computationally to determine the prime factors of a given large number N. Thus, even if an attacker knows the modulus N and public exponent e contained in a public key, it is computationally difficult for such an attacker to determine the factors p and q, or otherwise determine the private exponent d necessary to decrypt messages encrypted with that public key.
Asymmetric key pairs may also be used to digitally sign documents. To sign a document, a hashing function is applied to the document to generate a hash of the document, and the hash is encrypted using the signer's private key to generate a signature. A message recipient decrypts the signature using the signer's public key, separately applies the same hashing function to the document to generate the hash of the document, and compares the resulting hash and decrypted signature. If the two hashes are identical, the signature is deemed valid.
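The key relations from the two preceding paragraphs, worked through in Python as an added example that is not part of the original text. The primes p=61 and q=53, the exponent e=17, the sample message and all function names are constructed for illustration; the scheme is the unpadded textbook form described above, and reducing the hash modulo N is an assumption made so that the digest fits the toy modulus.

```python
import hashlib
from math import gcd

def make_keypair(p, q, e):
    """Return ((N, e), (N, d)) built from primes p, q and public exponent e."""
    N = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)              # d = e^-1 mod (p-1)(q-1), Python 3.8+
    return (N, e), (N, d)

def encrypt(public, m):
    """c = m^e mod N; the message must be an integer in [0, N)."""
    N, e = public
    if not 0 <= m < N:
        raise ValueError("message must be in the range [0, N)")
    return pow(m, e, N)

def decrypt(private, c):
    """m = c^d mod N."""
    N, d = private
    return pow(c, d, N)

def doc_hash(document, N):
    # Assumption: the SHA-256 digest is reduced mod N only because the toy
    # modulus is far smaller than the digest. Real schemes pad instead.
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N

def sign(private, document):
    """Apply the private-key operation to the hash of the document."""
    N, d = private
    return pow(doc_hash(document, N), d, N)

def verify(public, document, signature):
    """Recover the hash with the public key and compare with a fresh hash."""
    N, e = public
    return pow(signature, e, N) == doc_hash(document, N)

# Constructed toy parameters; real moduli are 2048 bits or more.
PUBLIC, PRIVATE = make_keypair(61, 53, 17)

if __name__ == "__main__":
    c = encrypt(PUBLIC, 65)
    print("public", PUBLIC, "private", PRIVATE)
    print("ciphertext", c, "decrypted", decrypt(PRIVATE, c))
    sig = sign(PRIVATE, b"constructed sample document")
    print("signature valid:", verify(PUBLIC, b"constructed sample document", sig))
```

With a modulus this small, N can be factored by hand, which is the property the factorization argument above depends on not holding for real key sizes.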
The design of secure communications systems is commonly affected by tradeoffs between security and usability. Increasing system security often involves imposing additional burdens on users, which may reduce system usability. At the same time, the security of such systems depends on the security of the private key. In one approach to securing the private key, the private key is embedded in hardware or another tamper-proof environment, so that potential attackers do not have ready access to the private key contents even if they gain physical control of the device containing the key. Securing private keys may be significantly more difficult if the keys are maintained in software, particularly on systems such as smartphones which may be stolen or may otherwise come under the physical control of an attacker. Even if the private key is encrypted and a user password is required for its use, a determined attacker may employ various kinds of attacks such as brute force, dictionary, or personal data attacks to gain access to the private key. If the value of the key is sufficiently high, an attacker may employ significant computational resources to break the key's protections.